This script is Copyright (C) 2005-2010 Tenable Network Security, Inc.
The remote host is missing a vendor-supplied security patch
The remote host is missing the patch for the advisory SUSE-SA:2005:050 (kernel).
The Linux kernel was updated to fix the following security issues:
- CVE-2005-2457: A problem in decompression of files on 'zisofs'
filesystem was fixed.
- CVE-2005-2458: A potential buffer overflow in the zlib decompression
handling in the kernel was fixed.
- CVE-2005-2459: Some return codes in zlib decoding were fixed which
could have led to an attacker crashing the kernel.
- CVE-2005-2555: Only processes with the CAP_NET_ADMIN capability is
now allowed load socket policies.
- CVE-2005-2456: Fixed a potential overflow caused by missing boundary
checks of sock->sk_policy in net/xfrm/.
- AMD64/EM64T/x86_64 only: A previous fix for a denial of service
attack with compat 32bit mode programs was too strict and could
crash the kernel. (The earlier fix had the Mitre CVE ID CVE-2005-1765.)
- S/390 only: Fixed /sys/ permissions where a user could change machine
states, including powering down or up partitions.
- CVE-2005-0916: PowerPC only: A missing patch for a hugetlb memory
context handling problem was added.
Above problems affect SUSE Linux 9.1 up to 9.3 and SUSE Linux
Enterprise Server 9.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now